Re: [Sks-devel] Heartbleed ans HKPS pool

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] Heartbleed ans HKPS pool

From:	Kristian Fiskerstrand
Subject:	Re: [Sks-devel] Heartbleed ans HKPS pool
Date:	Tue, 27 May 2014 17:41:56 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 05/27/2014 05:00 PM, Daniel Kahn Gillmor wrote:
> On 05/27/2014 09:27 AM, Dmitry Yu Okunev (pks.mephi.ru) wrote:
>> BTW, is it right that our server is not in the HKPS pool 
>> "hkps.pool.sks-keyservers.net".
>> 


..


> 
> the "host" command just looks things up in the DNS.  the DNS
> round-robin arrangement only publishes a limited number of records
> of any given time (10, maybe?) -- if there are more, they will be
> served randomly on future requests.

Correct, but it is even more complicated than that. The authoritative
DNS server refreshes based on a random 10 servers every 15 minutes.
Which servers are included then depends on any caching in the
downstream DNS servers, so it is quite likely different users will see
a different selection of the enabled servers.

> 
> To check the inclusion of your server in the hkps pool, look at the
> HKPS column of:
> 
> https://sks-keyservers.net/status/

Indeed, or the meta page for the server in question.

- -- 
- ----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
Fabricando fit faber
Practice makes perfect
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJThLJAAAoJEPw7F94F4TagtrYQALCpmGDs2Rt70uvTw3iEyMfC
dJXj4E0wR6jugsxRbQdS3H7VrdRPIlMzA+wd9gy5b2r05Y5OUuYRkmOAe95xAuqq
eZCHeUPn+21Tkzs7ZOQJDNcR+wykU/N3NXH9S3YvH6d9KkKoCB/JacTPS2pPU+IA
7OtJYTKpXNsynSxeJbCz6fFowUeFR6gQ+n67WuQv9XD6C5lSjvz9bq6YcBp8GfML
i7u2etaNJEmE7DwyNFvUldbNi88VrV3KWlCdECLud2Eo76pE9QF/Sf1bqS3+Y2is
wP9RLPuWU8jCVwlbeq0u6KfEufiYwSvs+/pV0xepwskct86OJTc9w5QYaJScHUuE
J9qFOINqst5Su6c+H0CZk4OgkSnZqzH81cjOm8UnR4fc/kl4a32dGgE/Tlyk7aZS
cRSuCrk2VaFv+E9Uu4ySeSAPwrZsTGcl6A77tqgG80UqbnSDzHQNo+nRcM8o+A3U
0g/p1fQtI3J/LYyKJnpA/ZzibAhtReMVg4QyGpDv+SqbkQarvhzf1Mp+bCznnEOg
aDiIDHDd7WfNY/VGDGfv7c7yZl1416gHlgRFiF7Ey4eXkUkpxoU2H2u7SKhY433l
F0DYaY9ZXd+1gTnJ+iqsgI3XjPkIN7JPL3xaEBqAth0uPfPohExRkj1TG72skTOB
pxNtrSfFaglMYvooftcn
=Dx9y
-----END PGP SIGNATURE-----

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Sks-devel] Heartbleed ans HKPS pool, Gabor Kiss, 2014/05/24
- Re: [Sks-devel] Heartbleed ans HKPS pool, Kristian Fiskerstrand, 2014/05/24
  - Re: [Sks-devel] Heartbleed ans HKPS pool, Dmitry Yu Okunev (pks.mephi.ru), 2014/05/27
    - Re: [Sks-devel] Heartbleed ans HKPS pool, Daniel Kahn Gillmor, 2014/05/27
    - Re: [Sks-devel] Heartbleed ans HKPS pool, Kristian Fiskerstrand <=
    - Re: [Sks-devel] Heartbleed ans HKPS pool, Rolf Wuerdemann, 2014/05/27
    - Re: [Sks-devel] Heartbleed ans HKPS pool, Andrew Alderwick, 2014/05/27
    - Re: [Sks-devel] Heartbleed ans HKPS pool, Kristian Fiskerstrand, 2014/05/28
    - Re: [Sks-devel] Heartbleed ans HKPS pool, Gabor Kiss, 2014/05/28
  - Re: [Sks-devel] Heartbleed ans HKPS pool, dirk astrath, 2014/05/27
    - Re: [Sks-devel] Heartbleed ans HKPS pool, Christian, 2014/05/28
    - Re: [Sks-devel] Heartbleed ans HKPS pool, Kristian Fiskerstrand, 2014/05/28
    - Re: [Sks-devel] Heartbleed ans HKPS pool, Christian Reiß, 2014/05/28
    - Re: [Sks-devel] Heartbleed ans HKPS pool, dirk astrath, 2014/05/28
    - Re: [Sks-devel] Heartbleed ans HKPS pool, Kristian Fiskerstrand, 2014/05/28

Prev by Date: Re: [Sks-devel] Heartbleed ans HKPS pool
Next by Date: Re: [Sks-devel] Heartbleed ans HKPS pool
Previous by thread: Re: [Sks-devel] Heartbleed ans HKPS pool
Next by thread: Re: [Sks-devel] Heartbleed ans HKPS pool
Index(es):
- Date
- Thread